The Scratch Pad feature is now EOL and the Lightweight API Client can be used to send HTTP, WebSocket, gRPC, and GraphQL requests to test your APIs.
If you require the usage of features like Collections and Environments, you will need to create a Postman account (If you have posted on the forum, you already have one).
Any further issues you you may have, could you please reach out to us on firstname.lastname@example.org.
Extract from our Trust and Security page as it feels relevant to @irian81’s comment “if you accept to store everything in the postman cloud.”
All customer data is stored on the Amazon Relational Database Service and configured securely. Data is stored with at least dual redundancy, with 15-day backups, and is accessible only in the private cloud. We have also instituted per-service access protection and data isolation.
We use cryptographic methods and industry standards to protect customer data in transit between Postman clients, the cloud, and at rest. For example, all communications and data in transit over the internet require the latest version of Transport Layer Security, a cryptographic protocol that provides end-to-end encryption. By default, encryption is also enabled on all our services that contain data at rest.
Also, your sensitive data at rest is encrypted on the server side before storage using AES-256-GCM. The Advanced Encryption Standard with Galois Counter Mode (AES-GCM) provides authenticated encryption, which ensures data confidentiality and integrity.
Other encryption methods include securing customer and company data at the application layer using AES-256-GCM. We encrypt sensitive data, including environment variables, access and refresh tokens, and Amazon Web Services (AWS) secret keys. Postman also encrypts your data using a key management service from AWS. In addition, we have key management capabilities to encrypt sensitive data at the application layer.
We maintain all internal testing and validation data in a production-stack equivalent internal stack populated with fictitious data, meaning Postman does not distribute customer data for internal testing or validation purposes.
More security related details can be found on the page listed above and also on the Security and Trust FAQs and the Security and Trust Portal.